Java https 解决PKIX path building failed问题(信任所有证书)

1、异常代码

PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

办法一

信任所有SSL证书,因为某些时候不能每次都手动的导入证书非常麻烦。现在封装了个方法,在连接openConnection的时候忽略掉证书就行了。

SslUtils.ignoreSsl();
  1. import java.security.cert.CertificateException;
  2. import java.security.cert.X509Certificate;
  3.  
  4. import javax.net.ssl.HostnameVerifier;
  5. import javax.net.ssl.HttpsURLConnection;
  6. import javax.net.ssl.SSLContext;
  7. import javax.net.ssl.SSLSession;
  8. import javax.net.ssl.TrustManager;
  9. import javax.net.ssl.X509TrustManager;
  10.  
  11. public class SslUtils {
  12.     private static void trustAllHttpsCertificates() throws Exception {
  13.         TrustManager[] trustAllCerts = new TrustManager[1];
  14.         TrustManager tm = new miTM();
  15.         trustAllCerts[0] = tm;
  16.         SSLContext sc = SSLContext.getInstance("SSL");
  17.         sc.init(null, trustAllCerts, null);
  18.         HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
  19. }
  20.  
  21. static class miTM implements TrustManager,X509TrustManager {
  22.     public X509Certificate[] getAcceptedIssuers() {
  23.         return null;
  24.     }
  25.  
  26.     public boolean isServerTrusted(X509Certificate[] certs) {
  27.         return true;
  28.     }
  29.  
  30.     public boolean isClientTrusted(X509Certificate[] certs) {
  31.         return true;
  32.     }
  33.  
  34.     public void checkServerTrusted(X509Certificate[] certs, String authType)
  35.             throws CertificateException {
  36.         return;
  37.     }
  38.  
  39.     public void checkClientTrusted(X509Certificate[] certs, String authType)
  40.             throws CertificateException {
  41.         return;
  42.     }
  43. }
  44.  
  45. /**
  46.  * 忽略HTTPS请求的SSL证书,必须在openConnection之前调用
  47.  * @throws Exception
  48.  */
  49. public static void ignoreSsl() throws Exception{
  50.     HostnameVerifier hv = new HostnameVerifier() {
  51.         public boolean verify(String urlHostName, SSLSession session) {
  52.             System.out.println("Warning: URL Host: " + urlHostName + " vs. " + session.getPeerHost());
  53.             return true;
  54.         }
  55.     };
  56.     trustAllHttpsCertificates();
  57.     HttpsURLConnection.setDefaultHostnameVerifier(hv);
  58. }
  59.  
  60. }

 

注:本文转载自blog.csdn.net的yingwang9的文章"https://blog.csdn.net/yingwang9/article/details/130326166"。版权归原作者所有,此博客不拥有其著作权,亦不承担相应法律责任。如有侵权,请联系我们删除。
复制链接
相关推荐
发表评论

评论记录:

未查询到任何数据!